[Foundation-l] Privacy Policy & users abusing Check User Privilege

Brad Patrick bradp.wmf at gmail.com
Tue May 22 03:33:40 UTC 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

wtf?

EP TYPES wrote:
> Take Notice:
> 
> User:Jpgordon (Arbitrator en.wiki) was granted Check User Privilege:
> 
> http://en.wikipedia.org/w/index.php?title=User_talk:Hipocrite&diff=132567106&oldid=132561129
> 
> 
> Eptypes is a confirmed sock of [[User:Khunter]], [[User:Goingempty]],
> [[User:Parker007]], [[User:Shines8]], and/or [[User:Paracit]].
> --[[User:Jpgordon|jpgordon]] 00:22, 22 May 2007 (UTC)
> 
> 
> User:Mackensen (Arbitrator en.wiki) was granted Check User Privilege:
> 
> http://en.wikipedia.org/w/index.php?title=Wikipedia%3ARequests_for_arbitration&diff=132589816&oldid=132586551
> 
> 
> Hello {{user|Endgame1}}. --[[User:Mackensen|Mackensen]] 02:25, 22 May 2007
> (UTC)
> 
> These 2 users have abused the check user privilege granted to them. There
> was No Check User Request filed. They are supposed to only use their
> privilege:
> 
> Wikimedia privacy policy
> 
> On Wikimedia <http://meta.wikimedia.org/wiki/Wikimedia> projects, privacy
> policy <http://wikimediafoundation.org/wiki/privacy_policy> considerations
> are of tremendous importance. Unless someone is definitely violating policy
> with their actions (*e.g.* massive bot vandalism or spam), revealing their
> IP, whereabouts or other information sufficient to identify them is likely a
> violation.
> 
> CheckUser requires the level of confidentiality one would apply to our most
> confidential user data.
> 
> The relevant section of the privacy
> policy<http://meta.wikimedia.org/wiki/Privacy_policy>is:
>  *Policy on release of data derived from page logs*  *It is the policy of
> Wikimedia that personally identifiable data collected in the server logs, or
> through records in the database via the CheckUser feature, may be released
> by the system administrators or users with CheckUser access, in the
> following situations:*
> 
>    1. *In response to a valid subpoena or other compulsory request from
>    law enforcement*
>    2. *With permission of the affected user*
>    3. *To the chair of Wikimedia Foundation, his legal counsel, or his
>    designee, when necessary for investigation of abuse complaints. *
>    4. *Where the information pertains to page views generated by a spider
>    or bot and its dissemination is necessary to illustrate or resolve technical
>    issues.*
>    5. *Where the user has been vandalising articles or persistently
>    behaving in a disruptive way, data may be released to assist in the
>    targeting of IP blocks, or to assist in the formulation of a complaint to
>    relevant Internet Service Providers*
>    6. *Where it is reasonably necessary to protect the rights, property
>    or safety of the Wikimedia Foundation, its users or the public.*
> 
>  Wikimedia policy does not permit public distribution of such information
> under any circumstances, except as described above.
> 
> *Information release*
> 
> Even if the user is committing abuse, it's best not to reveal personal
> information if possible.
> 
>    - Generally, do not reveal IPs. Only give information such as same
>    network/not same network or similar. If detailed information is provided,
>    make sure the person you are giving it to is a trusted person and will not
>    reveal it himself.
>    - If the user has said they're from somewhere and the IP confirms it,
>    it's not releasing private information to confirm it if needed.
>    - If they're on a large national or international ISP (*e.g.* AOL,
>    NTL, BT, Telstra) where they're one of millions of users, saying so is
>    unlikely to be personally identifiable.
>    - Revealing the country is generally not personally identifiable (*e.g
>    .* "User:Querulous is coming in from the UK, User:Sockpuppet is coming
>    in from Canada").
>    - If you're in any doubt, give no detail.
> _______________________________________________
> foundation-l mailing list
> foundation-l at lists.wikimedia.org
> http://lists.wikimedia.org/mailman/listinfo/foundation-l
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGUmST5txwQhyxnbIRAv2MAJ48NcFzuYE5jA0ik5XggxGT3fsd2wCggk+x
/ib975/X20yJoZAzQIZ1Hcs=
=ou2L
-----END PGP SIGNATURE-----

More information about the foundation-l mailing list